configuration machine . . .creating a plurality of resource groups, each resource group 
including at least one zone, specifying access control rule, including a scope, for each 
resource group and configuring each firewall using the access control rules. 

In contrast, and as agreed to by the Examiner, Reid does not explicitly teach 
"central management or machines." However, the Office Action asserts that "Reid 
operates to generate service requests in a firewall network, the artisan would have 
looked to the network firewall arts for details of implementing access controls. In that 
art, Antur, the related network firewall adapter teaches "central points of 
administration for entire networks . . .in order to access rules". 

Applicants would like to highlight that Claim 1 1 specifically states that each 
firewall is configured using the access control rules. 

In sharp contrast, Reid is directed toward configuring regions that are defined 
as groupings of physical interfaces (network cards) and virtual networks (VPNs). 
See, for example, column 4, lines 50-53 of Reid. Moreover, column 5, lines 7-13 of 
Reid specifically states that a region can consist of the following members: an 
interface card, a VPN, a group of VPNs, an interface card and a VPN, or an interface 
card in a group of VPNs. There is absolutely no teaching, suggestion, or mention of 
configuring each firewall as recited in Claim 1 1 in Reid. Moreover, since Reid states 
on column 2, lines 18-21, that "a feature of the present invention is the application 
level approach to security enforcement, wherein type enforcement is integral to the 
operating system" it would be contrary to the teachings of Reid to say that it is 
combinable with a system that teaches "central points of administration for entire 
networks" as asserted by the Office Action. Clearly Reid is directed toward 
application-level security enforcement and thus, the combination of Reid and Antur 
would require a complete redesign and reconfiguration of Reid that are actually 
contrary to the teachings of Reid. 

While Antur teaches central points of administration for entire networks and a 
central database, as with Reid, Antur fails to teach or suggest configuring each of a 
plurality of firewalls using the access control rules as specified in the independent 
claims. 

Accordingly, not only do the cited references fail to teach or suggest each and 
every feature as recited in the independent claims, but the motivation to combine the 
two references is defective. Accordingly, the outstanding rejection is untenable and 
should be withdrawn. 



2 



The independent claims are thus patentable over the cited references. 
Moreover, the claims that depend therefrom are also allowable for at least the reasons 
outlined above and the additional feature(s) recited therein. Applicants respectfully 
submit the application is in condition for allowance. A prompt Notice of Allowance 
is respectfully solicited. 

The Commissioner is hereby authorized to charge to deposit account number 
50-1165 ( T3264-906761) any fees under 37 CFR § 1.16 and 1.17 that may be 
required by this paper and to credit any overpayment to that Account. If any 
extension of time is required in connection with the filing of this paper and has not 
been separately requested, such extension is hereby requested. 
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